_has_pear = true;
}
if ($GLOBALS['HTMLPurifierTest']['PH5P']) {
require_once 'HTMLPurifier/Lexer/PH5P.php';
}
}
// HTMLPurifier_Lexer::create() --------------------------------------------
function test_create() {
$this->config->set('Core', 'MaintainLineNumbers', true);
$lexer = HTMLPurifier_Lexer::create($this->config);
$this->assertIsA($lexer, 'HTMLPurifier_Lexer_DirectLex');
}
function test_create_objectLexerImpl() {
$this->config->set('Core', 'LexerImpl', new HTMLPurifier_Lexer_DirectLex());
$lexer = HTMLPurifier_Lexer::create($this->config);
$this->assertIsA($lexer, 'HTMLPurifier_Lexer_DirectLex');
}
function test_create_unknownLexer() {
$this->config->set('Core', 'LexerImpl', 'AsdfAsdf');
$this->expectException(new HTMLPurifier_Exception('Cannot instantiate unrecognized Lexer type AsdfAsdf'));
HTMLPurifier_Lexer::create($this->config);
}
function test_create_incompatibleLexer() {
$this->config->set('Core', 'LexerImpl', 'DOMLex');
$this->config->set('Core', 'MaintainLineNumbers', true);
$this->expectException(new HTMLPurifier_Exception('Cannot use lexer that does not support line numbers with Core.MaintainLineNumbers or Core.CollectErrors (use DirectLex instead)'));
HTMLPurifier_Lexer::create($this->config);
}
// HTMLPurifier_Lexer->parseData() -----------------------------------------
function assertParseData($input, $expect = true) {
if ($expect === true) $expect = $input;
$lexer = new HTMLPurifier_Lexer();
$this->assertIdentical($expect, $lexer->parseData($input));
}
function test_parseData_plainText() {
$this->assertParseData('asdf');
}
function test_parseData_ampersandEntity() {
$this->assertParseData('&', '&');
}
function test_parseData_quotEntity() {
$this->assertParseData('"', '"');
}
function test_parseData_aposNumericEntity() {
$this->assertParseData(''', "'");
}
function test_parseData_aposCompactNumericEntity() {
$this->assertParseData(''', "'");
}
function test_parseData_adjacentAmpersandEntities() {
$this->assertParseData('&&&', '&&&');
}
function test_parseData_trailingUnescapedAmpersand() {
$this->assertParseData('&&', '&&');
}
function test_parseData_internalUnescapedAmpersand() {
$this->assertParseData('Procter & Gamble');
}
function test_parseData_improperEntityFaultToleranceTest() {
$this->assertParseData('-');
}
// HTMLPurifier_Lexer->extractBody() ---------------------------------------
function assertExtractBody($text, $extract = true) {
$lexer = new HTMLPurifier_Lexer();
$result = $lexer->extractBody($text);
if ($extract === true) $extract = $text;
$this->assertIdentical($extract, $result);
}
function test_extractBody_noBodyTags() {
$this->assertExtractBody('Bold');
}
function test_extractBody_lowercaseBodyTags() {
$this->assertExtractBody('
Bold', 'Bold');
}
function test_extractBody_uppercaseBodyTags() {
$this->assertExtractBody('Bold', 'Bold');
}
function test_extractBody_realisticUseCase() {
$this->assertExtractBody(
'
xyz
',
'
');
}
function test_extractBody_bodyWithAttributes() {
$this->assertExtractBody('Bold', 'Bold');
}
function test_extractBody_preserveUnclosedBody() {
$this->assertExtractBody('asdf'); // not closed, don't accept
}
// HTMLPurifier_Lexer->tokenizeHTML() --------------------------------------
function assertTokenization($input, $expect, $alt_expect = array()) {
$lexers = array();
$lexers['DirectLex'] = new HTMLPurifier_Lexer_DirectLex();
if ($this->_has_pear) $lexers['PEARSax3'] = new HTMLPurifier_Lexer_PEARSax3();
if (class_exists('DOMDocument')) {
$lexers['DOMLex'] = new HTMLPurifier_Lexer_DOMLex();
$lexers['PH5P'] = new HTMLPurifier_Lexer_PH5P();
}
foreach ($lexers as $name => $lexer) {
$result = $lexer->tokenizeHTML($input, $this->config, $this->context);
if (isset($alt_expect[$name])) {
if ($alt_expect[$name] === false) continue;
$t_expect = $alt_expect[$name];
$this->assertIdentical($result, $alt_expect[$name], "$name: %s");
} else {
$t_expect = $expect;
$this->assertIdentical($result, $expect, "$name: %s");
}
if ($t_expect != $result) {
printTokens($result);
//var_dump($result);
}
}
}
function test_tokenizeHTML_emptyInput() {
$this->assertTokenization('', array());
}
function test_tokenizeHTML_plainText() {
$this->assertTokenization(
'This is regular text.',
array(
new HTMLPurifier_Token_Text('This is regular text.')
)
);
}
function test_tokenizeHTML_textAndTags() {
$this->assertTokenization(
'This is bold text',
array(
new HTMLPurifier_Token_Text('This is '),
new HTMLPurifier_Token_Start('b', array()),
new HTMLPurifier_Token_Text('bold'),
new HTMLPurifier_Token_End('b'),
new HTMLPurifier_Token_Text(' text'),
)
);
}
function test_tokenizeHTML_normalizeCase() {
$this->assertTokenization(
'Totally rad dude. asdf
',
array(
new HTMLPurifier_Token_Start('DIV', array()),
new HTMLPurifier_Token_Text('Totally rad dude. '),
new HTMLPurifier_Token_Start('b', array()),
new HTMLPurifier_Token_Text('asdf'),
new HTMLPurifier_Token_End('b'),
new HTMLPurifier_Token_End('div'),
)
);
}
function test_tokenizeHTML_notWellFormed() {
$this->assertTokenization(
'',
array(
new HTMLPurifier_Token_Start('asdf'),
new HTMLPurifier_Token_End('asdf'),
new HTMLPurifier_Token_Start('d'),
new HTMLPurifier_Token_End('d'),
new HTMLPurifier_Token_Start('poOloka'),
new HTMLPurifier_Token_Start('poolasdf'),
new HTMLPurifier_Token_Start('ds'),
new HTMLPurifier_Token_End('asdf'),
new HTMLPurifier_Token_End('ASDF'),
),
array(
'DOMLex' => $alt = array(
new HTMLPurifier_Token_Empty('asdf'),
new HTMLPurifier_Token_Empty('d'),
new HTMLPurifier_Token_Start('pooloka'),
new HTMLPurifier_Token_Start('poolasdf'),
new HTMLPurifier_Token_Empty('ds'),
new HTMLPurifier_Token_End('poolasdf'),
new HTMLPurifier_Token_End('pooloka'),
),
'PH5P' => $alt,
)
);
}
function test_tokenizeHTML_whitespaceInTag() {
$this->assertTokenization(
'Link to foobar',
array(
new HTMLPurifier_Token_Start('a',array('href'=>'foobar.php','title'=>'foo!')),
new HTMLPurifier_Token_Text('Link to '),
new HTMLPurifier_Token_Start('b',array('id'=>'asdf')),
new HTMLPurifier_Token_Text('foobar'),
new HTMLPurifier_Token_End('b'),
new HTMLPurifier_Token_End('a'),
)
);
}
function test_tokenizeHTML_emptyTag() {
$this->assertTokenization(
'
',
array( new HTMLPurifier_Token_Empty('br') )
);
}
function test_tokenizeHTML_comment() {
$this->assertTokenization(
'',
array( new HTMLPurifier_Token_Comment(' Comment ') ),
array(
'PEARSax3' => array( new HTMLPurifier_Token_Comment('-- Comment --') ),
)
);
}
function test_tokenizeHTML_malformedComment() {
$this->assertTokenization(
'',
array( new HTMLPurifier_Token_Comment(' not so well formed -') ),
array(
'PEARSax3' => array( new HTMLPurifier_Token_Comment('-- not so well formed ---') ),
)
);
}
function test_tokenizeHTML_unterminatedTag() {
$this->assertTokenization(
' array( new HTMLPurifier_Token_Empty('a', array('href'=>'')) ),
'PEARSax3' => array( new HTMLPurifier_Token_Start('a', array('href'=>'')) ),
'PH5P' => false, // total barfing, grabs scaffolding too
)
);
}
function test_tokenizeHTML_specialEntities() {
$this->assertTokenization(
'<b>',
array(
new HTMLPurifier_Token_Text('')
),
array(
// some parsers will separate entities out
'PEARSax3' => $split = array(
new HTMLPurifier_Token_Text('<'),
new HTMLPurifier_Token_Text('b'),
new HTMLPurifier_Token_Text('>'),
),
'PH5P' => $split,
)
);
}
function test_tokenizeHTML_earlyQuote() {
$this->assertTokenization(
'',
array( new HTMLPurifier_Token_Empty('a') ),
array(
// we barf on this input
'DirectLex' => $tokens = array(
new HTMLPurifier_Token_Start('a', array('"' => ''))
),
'PEARSax3' => $tokens,
'PH5P' => false, // behavior varies; handle this personally
)
);
}
function test_tokenizeHTML_earlyQuote_PH5P() {
if (!class_exists('DOMDocument')) return;
$lexer = new HTMLPurifier_Lexer_PH5P();
$result = $lexer->tokenizeHTML('', $this->config, $this->context);
if ($this->context->get('PH5PError', true)) {
$this->assertIdentical(array(
new HTMLPurifier_Token_Start('a', array('"' => ''))
), $result);
} else {
$this->assertIdentical(array(
new HTMLPurifier_Token_Empty('a', array('"' => ''))
), $result);
}
}
function test_tokenizeHTML_unescapedQuote() {
$this->assertTokenization(
'"',
array( new HTMLPurifier_Token_Text('"') )
);
}
function test_tokenizeHTML_escapedQuote() {
$this->assertTokenization(
'"',
array( new HTMLPurifier_Token_Text('"') ),
array(
'PEARSax3' => false, // PEAR barfs on this
)
);
}
function test_tokenizeHTML_cdata() {
$this->assertTokenization(
'can't get me!]]>',
array( new HTMLPurifier_Token_Text('You can't get me!') ),
array(
// PEAR splits up all of the CDATA
'PEARSax3' => $split = array(
new HTMLPurifier_Token_Text('You '),
new HTMLPurifier_Token_Text('<'),
new HTMLPurifier_Token_Text('b'),
new HTMLPurifier_Token_Text('>'),
new HTMLPurifier_Token_Text('can'),
new HTMLPurifier_Token_Text('&'),
new HTMLPurifier_Token_Text('#39;t'),
new HTMLPurifier_Token_Text('<'),
new HTMLPurifier_Token_Text('/b'),
new HTMLPurifier_Token_Text('>'),
new HTMLPurifier_Token_Text(' get me!'),
),
'PH5P' => $split,
)
);
}
function test_tokenizeHTML_characterEntity() {
$this->assertTokenization(
'θ',
array( new HTMLPurifier_Token_Text("\xCE\xB8") )
);
}
function test_tokenizeHTML_characterEntityInCDATA() {
$this->assertTokenization(
'',
array( new HTMLPurifier_Token_Text("→") ),
array(
'PEARSax3' => $split = array(
new HTMLPurifier_Token_Text('&'),
new HTMLPurifier_Token_Text('rarr;'),
),
'PH5P' => $split,
)
);
}
function test_tokenizeHTML_entityInAttribute() {
$this->assertTokenization(
'Link',
array(
new HTMLPurifier_Token_Start('a',array('href' => 'index.php?title=foo&id=bar')),
new HTMLPurifier_Token_Text('Link'),
new HTMLPurifier_Token_End('a'),
)
);
}
function test_tokenizeHTML_preserveUTF8() {
$this->assertTokenization(
"\xCE\xB8",
array( new HTMLPurifier_Token_Text("\xCE\xB8") )
);
}
function test_tokenizeHTML_specialEntityInAttribute() {
$this->assertTokenization(
'
',
array( new HTMLPurifier_Token_Empty('br', array('test' => 'x < 6')) )
);
}
function test_tokenizeHTML_emoticonProtection() {
$this->assertTokenization(
'Whoa! <3 That\'s not good >.>',
array(
new HTMLPurifier_Token_Start('b'),
new HTMLPurifier_Token_Text('Whoa! '),
new HTMLPurifier_Token_Text('<'),
new HTMLPurifier_Token_Text('3 That\'s not good >.>'),
new HTMLPurifier_Token_End('b')
),
array(
// text is absorbed together
'DOMLex' => array(
new HTMLPurifier_Token_Start('b'),
new HTMLPurifier_Token_Text('Whoa! <3 That\'s not good >.>'),
new HTMLPurifier_Token_End('b'),
),
'PEARSax3' => false, // totally mangled
'PH5P' => array( // interesting grouping
new HTMLPurifier_Token_Start('b'),
new HTMLPurifier_Token_Text('Whoa! '),
new HTMLPurifier_Token_Text('<'),
new HTMLPurifier_Token_Text('3 That\'s not good >.>'),
new HTMLPurifier_Token_End('b'),
),
)
);
}
function test_tokenizeHTML_commentWithFunkyChars() {
$this->assertTokenization(
'
',
array(
new HTMLPurifier_Token_Comment(' This >< comment '),
new HTMLPurifier_Token_Empty('br'),
),
array(
'PEARSax3' => false,
)
);
}
function test_tokenizeHTML_unterminatedComment() {
$this->assertTokenization(
'',
array( new HTMLPurifier_Token_Comment(' This comment < < & ') ),
array(
'PEARSax3' => false
)
);
}
function test_tokenizeHTML_attributeWithSpecialCharacters() {
$this->assertTokenization(
'',
array( new HTMLPurifier_Token_Empty('a', array('href' => '><>')) ),
array(
'DirectLex' => array(
new HTMLPurifier_Token_Start('a', array('href' => '')),
new HTMLPurifier_Token_Text('<'),
new HTMLPurifier_Token_Text('">'),
),
'PEARSax3' => false,
)
);
}
function test_tokenizeHTML_emptyTagWithSlashInAttribute() {
$this->assertTokenization(
'',
array( new HTMLPurifier_Token_Empty('param', array('name' => 'src', 'value' => 'http://example.com/video.wmv')) )
);
}
function test_tokenizeHTML_style() {
$extra = array(
// PH5P doesn't seem to like style tags
'PH5P' => false,
// DirectLex defers to RemoveForeignElements for textification
'DirectLex' => array(
new HTMLPurifier_Token_Start('style', array('type' => 'text/css')),
new HTMLPurifier_Token_Comment("\ndiv {}\n"),
new HTMLPurifier_Token_End('style'),
),
);
if (!defined('LIBXML_VERSION') || LIBXML_VERSION < 20628) {
// libxml's behavior is wrong prior to this version, so make
// appropriate accomodations
// :NOTE: LIBXML_VERSION is missing in early versions of PHP
// prior to 1.30 of php-src/ext/libxml/libxml.c (version-wise,
// this translates to 5.0.x. In such cases, we assume that an old
// version of libxml is being used, although that *might* not
// be the case (it's very unlikely though)
$extra['DOMLex'] = $extra['DirectLex'];
}
$this->assertTokenization(
'',
array(
new HTMLPurifier_Token_Start('style', array('type' => 'text/css')),
new HTMLPurifier_Token_Text("\ndiv {}\n"),
new HTMLPurifier_Token_End('style'),
),
$extra
);
}
function test_tokenizeHTML_tagWithAtSignAndExtraGt() {
$this->assertTokenization(
'>',
array(
new HTMLPurifier_Token_Start('a'),
new HTMLPurifier_Token_Text('>'),
new HTMLPurifier_Token_End('a'),
),
array(
'DirectLex' => array(
// Technically this is invalid, but it won't be a
// problem with invalid element removal; also, this
// mimics Mozilla's parsing of the tag.
new HTMLPurifier_Token_Start('a@'),
new HTMLPurifier_Token_Text('>'),
),
)
);
}
function test_tokenizeHTML_emoticonHeart() {
$this->assertTokenization(
'
<3
',
array(
new HTMLPurifier_Token_Empty('br'),
new HTMLPurifier_Token_Text('<'),
new HTMLPurifier_Token_Text('3'),
new HTMLPurifier_Token_Empty('br'),
),
array(
'DOMLex' => array(
new HTMLPurifier_Token_Empty('br'),
new HTMLPurifier_Token_Text('<3'),
new HTMLPurifier_Token_Empty('br'),
),
)
);
}
function test_tokenizeHTML_emoticonShiftyEyes() {
$this->assertTokenization(
'<<',
array(
new HTMLPurifier_Token_Start('b'),
new HTMLPurifier_Token_Text('<'),
new HTMLPurifier_Token_Text('<'),
new HTMLPurifier_Token_End('b'),
),
array(
'DOMLex' => array(
new HTMLPurifier_Token_Start('b'),
new HTMLPurifier_Token_Text('<<'),
new HTMLPurifier_Token_End('b'),
),
)
);
}
function test_tokenizeHTML_eon1996() {
$this->assertTokenization(
'< test',
array(
new HTMLPurifier_Token_Text('<'),
new HTMLPurifier_Token_Text(' '),
new HTMLPurifier_Token_Start('b'),
new HTMLPurifier_Token_Text('test'),
new HTMLPurifier_Token_End('b'),
),
array(
'DOMLex' => array(
new HTMLPurifier_Token_Text('< '),
new HTMLPurifier_Token_Start('b'),
new HTMLPurifier_Token_Text('test'),
new HTMLPurifier_Token_End('b'),
),
)
);
}
function test_tokenizeHTML_bodyInCDATA() {
$this->assertTokenization(
'Foo]]>',
array(
new HTMLPurifier_Token_Text('Foo'),
),
array(
'PH5P' => array(
new HTMLPurifier_Token_Text('<'),
new HTMLPurifier_Token_Text('body'),
new HTMLPurifier_Token_Text('>'),
new HTMLPurifier_Token_Text('Foo'),
new HTMLPurifier_Token_Text('<'),
new HTMLPurifier_Token_Text('/body'),
new HTMLPurifier_Token_Text('>'),
),
)
);
}
/*
function test_tokenizeHTML_() {
$this->assertTokenization(
,
array(
)
);
}
*/
}